policies/hibp: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer
parent
ac136ec5f6
commit
0c92f4a74d
|
|
@ -1,19 +0,0 @@
|
|||
"""authentik HaveIBeenPwned Policy forms"""
|
||||
|
||||
from django import forms
|
||||
|
||||
from authentik.policies.forms import PolicyForm
|
||||
from authentik.policies.hibp.models import HaveIBeenPwendPolicy
|
||||
|
||||
|
||||
class HaveIBeenPwnedPolicyForm(PolicyForm):
|
||||
"""Edit HaveIBeenPwendPolicy instances"""
|
||||
|
||||
class Meta:
|
||||
|
||||
model = HaveIBeenPwendPolicy
|
||||
fields = PolicyForm.Meta.fields + ["password_field", "allowed_count"]
|
||||
widgets = {
|
||||
"name": forms.TextInput(),
|
||||
"password_field": forms.TextInput(),
|
||||
}
|
||||
|
|
@ -35,10 +35,8 @@ class HaveIBeenPwendPolicy(Policy):
|
|||
return HaveIBeenPwendPolicySerializer
|
||||
|
||||
@property
|
||||
def form(self) -> Type[ModelForm]:
|
||||
from authentik.policies.hibp.forms import HaveIBeenPwnedPolicyForm
|
||||
|
||||
return HaveIBeenPwnedPolicyForm
|
||||
def component(self) -> str:
|
||||
return "ak-policy-hibp-form"
|
||||
|
||||
def passes(self, request: PolicyRequest) -> PolicyResult:
|
||||
"""Check if password is in HIBP DB. Hashes given Password with SHA1, uses the first 5
|
||||
|
|
|
|||
|
|
@ -19,6 +19,7 @@ import "./dummy/DummyPolicyForm";
|
|||
import "./event_matcher/EventMatcherPolicyForm";
|
||||
import "./expression/ExpressionPolicyForm";
|
||||
import "./expiry/ExpiryPolicyForm";
|
||||
import "./hibp/HaveIBeenPwnedPolicyForm";
|
||||
|
||||
@customElement("ak-policy-list")
|
||||
export class PolicyListPage extends TablePage<Policy> {
|
||||
|
|
@ -86,7 +87,8 @@ export class PolicyListPage extends TablePage<Policy> {
|
|||
"dummy": "ak-policy-dummy-form",
|
||||
"eventmatcher": "ak-policy-event-matcher-form",
|
||||
"expression": "ak-policy-expression-form",
|
||||
"expiry": "ak-policy-password-expiry-form",
|
||||
"passwordexpiry": "ak-policy-password-expiry-form",
|
||||
"haveibeenpwend": "ak-policy-hibp-form",
|
||||
}}>
|
||||
</ak-proxy-form>
|
||||
<button slot="trigger" class="pf-c-button pf-m-secondary">
|
||||
|
|
|
|||
|
|
@ -0,0 +1,87 @@
|
|||
import { HaveIBeenPwendPolicy, PoliciesApi } from "authentik-api";
|
||||
import { gettext } from "django";
|
||||
import { customElement, property } from "lit-element";
|
||||
import { html, TemplateResult } from "lit-html";
|
||||
import { DEFAULT_CONFIG } from "../../../api/Config";
|
||||
import { Form } from "../../../elements/forms/Form";
|
||||
import { ifDefined } from "lit-html/directives/if-defined";
|
||||
import "../../../elements/forms/HorizontalFormElement";
|
||||
import "../../../elements/forms/FormGroup";
|
||||
|
||||
@customElement("ak-policy-hibp-form")
|
||||
export class HaveIBeenPwnedPolicyForm extends Form<HaveIBeenPwendPolicy> {
|
||||
|
||||
set policyUUID(value: string) {
|
||||
new PoliciesApi(DEFAULT_CONFIG).policiesHaveibeenpwnedRead({
|
||||
policyUuid: value,
|
||||
}).then(policy => {
|
||||
this.policy = policy;
|
||||
});
|
||||
}
|
||||
|
||||
@property({attribute: false})
|
||||
policy?: HaveIBeenPwendPolicy;
|
||||
|
||||
getSuccessMessage(): string {
|
||||
if (this.policy) {
|
||||
return gettext("Successfully updated policy.");
|
||||
} else {
|
||||
return gettext("Successfully created policy.");
|
||||
}
|
||||
}
|
||||
|
||||
send = (data: HaveIBeenPwendPolicy): Promise<HaveIBeenPwendPolicy> => {
|
||||
if (this.policy) {
|
||||
return new PoliciesApi(DEFAULT_CONFIG).policiesHaveibeenpwnedUpdate({
|
||||
policyUuid: this.policy.pk || "",
|
||||
data: data
|
||||
});
|
||||
} else {
|
||||
return new PoliciesApi(DEFAULT_CONFIG).policiesHaveibeenpwnedCreate({
|
||||
data: data
|
||||
});
|
||||
}
|
||||
};
|
||||
|
||||
renderForm(): TemplateResult {
|
||||
return html`<form class="pf-c-form pf-m-horizontal">
|
||||
<ak-form-element-horizontal
|
||||
label=${gettext("Name")}
|
||||
?required=${true}
|
||||
name="name">
|
||||
<input type="text" value="${ifDefined(this.policy?.name || "")}" class="pf-c-form-control" required>
|
||||
</ak-form-element-horizontal>
|
||||
<ak-form-element-horizontal name="executionLogging">
|
||||
<div class="pf-c-check">
|
||||
<input type="checkbox" class="pf-c-check__input" ?checked=${this.policy?.executionLogging || false}>
|
||||
<label class="pf-c-check__label">
|
||||
${gettext("Execution logging")}
|
||||
</label>
|
||||
</div>
|
||||
<p class="pf-c-form__helper-text">${gettext("When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged.")}</p>
|
||||
</ak-form-element-horizontal>
|
||||
<ak-form-group .expanded=${true}>
|
||||
<span slot="header">
|
||||
${gettext("Policy-specific settings")}
|
||||
</span>
|
||||
<div slot="body" class="pf-c-form">
|
||||
<ak-form-element-horizontal
|
||||
label=${gettext("Password field")}
|
||||
?required=${true}
|
||||
name="passwordField">
|
||||
<input type="text" value="${ifDefined(this.policy?.passwordField || "password")}" class="pf-c-form-control" required>
|
||||
<p class="pf-c-form__helper-text">${gettext("Field key to check, field keys defined in Prompt stages are available.")}</p>
|
||||
</ak-form-element-horizontal>
|
||||
<ak-form-element-horizontal
|
||||
label=${gettext("Allowed count")}
|
||||
?required=${true}
|
||||
name="allowedCount">
|
||||
<input type="number" value="${ifDefined(this.policy?.allowedCount || 0)}" class="pf-c-form-control" required>
|
||||
<p class="pf-c-form__helper-text">${gettext("Allow up to N occurrences in the HIBP database.")}</p>
|
||||
</ak-form-element-horizontal>
|
||||
</div>
|
||||
</ak-form-group>
|
||||
</form>`;
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue